Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1613

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2012-1613
Last Modified 04 Jul 2013 03:30:53
Published 04 Sep 2012 04:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-1613

Summary

Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords parameter.

Vulnerable Systems

Application

  • Coppermine-gallery Coppermine Photo Gallery 1.0

  • Coppermine-gallery Coppermine Photo Gallery 1.1

  • Coppermine-gallery Coppermine Photo Gallery 1.1.0

  • Coppermine-gallery Coppermine Photo Gallery 1.2

  • Coppermine-gallery Coppermine Photo Gallery 1.2.0

  • Coppermine-gallery Coppermine Photo Gallery 1.2.1

  • Coppermine-gallery Coppermine Photo Gallery 1.3.0

  • Coppermine-gallery Coppermine Photo Gallery 1.3.1

  • Coppermine-gallery Coppermine Photo Gallery 1.3.2

  • Coppermine-gallery Coppermine Photo Gallery 1.3.3

  • Coppermine-gallery Coppermine Photo Gallery 1.3.4

  • Coppermine-gallery Coppermine Photo Gallery 1.3.5

  • Coppermine-gallery Coppermine Photo Gallery 1.4.0

  • Coppermine-gallery Coppermine Photo Gallery 1.4.1

  • Coppermine-gallery Coppermine Photo Gallery 1.4.10

  • Coppermine-gallery Coppermine Photo Gallery 1.4.11

  • Coppermine-gallery Coppermine Photo Gallery 1.4.12

  • Coppermine-gallery Coppermine Photo Gallery 1.4.13

  • Coppermine-gallery Coppermine Photo Gallery 1.4.14

  • Coppermine-gallery Coppermine Photo Gallery 1.4.15

  • Coppermine-gallery Coppermine Photo Gallery 1.4.16

  • Coppermine-gallery Coppermine Photo Gallery 1.4.17

  • Coppermine-gallery Coppermine Photo Gallery 1.4.18

  • Coppermine-gallery Coppermine Photo Gallery 1.4.19

  • Coppermine-gallery Coppermine Photo Gallery 1.4.2

  • Coppermine-gallery Coppermine Photo Gallery 1.4.20

  • Coppermine-gallery Coppermine Photo Gallery 1.4.21

  • Coppermine-gallery Coppermine Photo Gallery 1.4.22

  • Coppermine-gallery Coppermine Photo Gallery 1.4.23

  • Coppermine-gallery Coppermine Photo Gallery 1.4.24

  • Coppermine-gallery Coppermine Photo Gallery 1.4.25

  • Coppermine-gallery Coppermine Photo Gallery 1.4.26

  • Coppermine-gallery Coppermine Photo Gallery 1.4.27

  • Coppermine-gallery Coppermine Photo Gallery 1.4.3

  • Coppermine-gallery Coppermine Photo Gallery 1.4.4

  • Coppermine-gallery Coppermine Photo Gallery 1.4.5

  • Coppermine-gallery Coppermine Photo Gallery 1.4.6

  • Coppermine-gallery Coppermine Photo Gallery 1.4.7

  • Coppermine-gallery Coppermine Photo Gallery 1.4.8

  • Coppermine-gallery Coppermine Photo Gallery 1.4.9

  • Coppermine-gallery Coppermine Photo Gallery 1.5.1

  • Coppermine-gallery Coppermine Photo Gallery 1.5.10

  • Coppermine-gallery Coppermine Photo Gallery 1.5.12

  • Coppermine-gallery Coppermine Photo Gallery 1.5.14

  • Coppermine-gallery Coppermine Photo Gallery 1.5.16

  • Coppermine-gallery Coppermine Photo Gallery 1.5.18

  • Coppermine-gallery Coppermine Photo Gallery 1.5.2

  • Coppermine-gallery Coppermine Photo Gallery 1.5.3

  • Coppermine-gallery Coppermine Photo Gallery 1.5.4

  • Coppermine-gallery Coppermine Photo Gallery 1.5.6

  • Coppermine-gallery Coppermine Photo Gallery 1.5.8


References

MISC - http://www.waraxe.us/advisory-81.html

BID - 52818

MLIST - [oss-security] 20120403 Re: CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081

MLIST - [oss-security] 20120330 Re: CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081

MLIST - [oss-security] 20120330 CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081

EXPLOIT-DB - 18680

SECUNIA - 48643

MISC - http://packetstormsecurity.org/files/111369/Coppermine-1.5.18-Cross-Site-Scripting-Path-Disclosure.html

OSVDB - 80731

CONFIRM - http://forum.coppermine-gallery.net/index.php/topic,74682.0.html

CONFIRM - http://coppermine.svn.sourceforge.net/viewvc/coppermine/trunk/cpg1.6.x/edit_one_pic.php?r1=8348&r2=8354

BUGTRAQ - 20120329 [waraxe-2012-SA#081] - Multiple Vulnerabilities in Coppermine 1.5.18


Last Updated: 27 May 2016 11:00:27